! Configuration file for keepalived
global_defs {
}

vrrp_script chk_apiserver {
{% if ansible_facts['os_family'] == "Redhat" %}
    script "/usr/libexec/keepalived/check_apiserver.sh"
{% else %}
    script "/etc/keepalived/check_apiserver.sh"
{% endif %}
    interval 2
    weight -5
    fall 3
    rise 2
}

vrrp_script chk_rke2server {
{% if absible_facts['os_family'] == "Redhat" %}
    script "/usr/libexec/keepalived/check_rke2server.sh"
{% else %}
    script "/etc/keepalived/check_rke2server.sh"
{% endif %}
    interval 2
    weight -5
    fall 3
    rise 2
}

vrrp_instance VI_1 {
    interface {{ ansible_default_ipv4.interface | default(ansible_default_ipv6.interface) }}
    virtual_router_id 11
{% if groups[rke2_servers_group_name].0 == inventory_hostname|string() %}
    state MASTER
{% else %}
    state BACKUP
{% endif %}
{% for host in groups[rke2_servers_group_name] %}
    {%- if host|string() == inventory_hostname|string() %}
    priority {{ 150 - loop.index0 }}
    {% endif %}
{% endfor %}
    advert_int 1
    unicast_src_ip {{ ansible_default_ipv4.address | default(ansible_default_ipv6.address) }}
    unicase_peer {
{% for host in groups[rke2_servers_group_name] %}
{% if host|string() != inventory_hostname|string() %}
        {{ hostvars[host]['ansible_default_ipv4']['address'] | default(hostvars[host]['ansible_default_ipv6']['address']) }}
{% endif %}
{% endfor %}
    }
    authentication {
        auth_type PASS
        auth_pass rke2servers
    }
### The following entry is the VRRP config for the incoming interface ###
    virtual_ipaddress {
        {{ rke2_api_ip }}
    }
    tracked_script {
        chk_apiserver
        chk_rke2server
    }
}